Aufgaben

Position Summary: This position is responsible for focusing domain areas of expertise as well as a good breadth of experience across Hardware Penetration Testing, Medical IoT devices Penetration Testing, fuzz testing, Open-Source Intelligence, and Physical Security Testing according to RED Cybersecurity Directive. This position is an on-site position in Gormley, Canada. Responsibilities: Assist our clients in preparing for certifications through collaborative workshops, training sessions, or pre-compliance. Perform medical device vulnerability scans, fuzz testing, penetration testing, security code reviews, and reverse engineering. Carry out IOT penetration tests, application, network, systems, and infrastructure penetration tests and perform various aspects of vulnerability assessments / penetration tests across a wide variety of platforms and technologies in the medical industry. Perform targeted testing activities to identify weaknesses and methods in which to exploit them. Review threat models and perform security risk assessments of medical and IoT products Keep up to date with tools, countermeasures, threats and technologies. Interpret vulnerabilities, identify weaknesses, exploiting them and escalate access. Prepare Detailed Technical Reports. Qualifikationen

Education and Experience: Degree in Information Security, Computer Science, Computer/Software Engineering, Electrical Engineering, or relevant work experience. An equivalent combination of vocational training and relevant experience, such as Software Engineering, will also be considered. While certifications such as CISSP, CISA, or similar are not required, you are welcome to obtain them during your tenure with us. Experience with open source and commercial penetration testing security tools in an enterprise environment. Knowledge, Skills, and Abilities: Programming skills in Python, C/C++, C#, or similar for the purpose of code review and test automation Excellent technical expertise (in both breadth and depth), written communication skills, time management skills, and the ability to communicate effectively with numerous lines of business representatives. Proficiency with Windows, Unix/Linux, and mobile platform operating systems. Comprehension of OWASP Top 10 (both web and (M)IoT), OSSTMM, PTES, NIST and able to understand and communicate findings to customers Must be willing to work flexible hours; must also be able to travel, as required. Comfortable working in a fast-paced environment